Blog

Archives

Archive for the ‘keychain’ Category

As of Adium 1.2.4, the Adium binary is signed. This means that our cryptographic signature is embedded in official releases of the application, and that any changes to that bundle will invalidate the signature and thereby alert your system (assuming it is running Mac OS X 10.5 or later) that the integrity of the program is compromised. One of the most obvious advantages of this besides basic security is that you should no longer be prompted to allow new versions to access your keychain items; the security layer can tell with confidence that Adium 1.2.5 is signed by the same folks who signed Adium 1.2.4 and that it should be allowed without question.

If you mess with the Adium binary in any way, you will invalidate the signature, and access to secure resources — specifically keychain items where your passwords are stored — will be disallowed by Mac OS X. Don’t do that.

A prime example (seen in our IRC support channel recently) are the programs such as Monolingual designed to “slim down” Universal Binary (a.k.a. “fat binary”) programs which have both PPC and Intel code. Removing part of the code invalidates the signature. This leads to warning messages.